Media releases are provided as is by companies and have not been edited or checked for accuracy. Any queries should be directed to the company itself.

New automatic Internet worm spreading at increasing pace

03 May, 2004 09:24

<p>PRESS RELEASE</p><p>For release May 2, 2004</p><p>New automatic Internet worm spreading at increasing paceF-Secure issuing a global alert on the Sasser worm</p><p>As an Australian Distributor for F-Secure for over 8 years, Open Systems Australia would like to provide you with the following news release.</p><p>F-Secure Corporation has been following the spread of the Sasser worm overthe weekend of May 1st. This new worm spreads to Windows PCs automatically,even if nobody is using the PC at the time. After a machine gets infected,the worm will start to spread to other computers. As a side effect, usersmight see error messages and experience the computer rebooting repeatedly.</p><p>The number of affected PCs is already estimated to be in hundreds ofthousands and it will continue to rise as the working week starts. "This caseresembles the Blaster incident from August 2003 a lot", says Mikko Hypponen,director of antivirus research at F-Secure. "Both were automatic worms usinga relatively new hole in Windows and causing frequent reboots." Together withSlammer and Sobig.F, Blaster was one of the largest virus incidents of 2003and even caused problems to infrastructure systems such as ATM networks andtrain and air travel systems. "I hope administrators have improved securitysince then. Otherwise we might see similar problems again", says Hypponen.</p><p>Two slightly different versions of the Sasser worm were discovered on May1st. These worms spread through the LSASS vulnerability, which was discoveredin mid-April. The Microsoft patch to close the hole had been available fordownload for 18 days before Sasser was found. The worm is targetting Windows2000 and XP machines - the two most common operating systems. However, thenetwork traffic generated by the worm might slow down other systems as well,including non-Windows systems.</p><p>Corporate networks should be protected against Sasser and its variants by thecorporate firewalls, separating internal networks from public networks."We're mostly worried about Monday morning, when hordes of laptop usersreturn to their workplaces with their machines, possibly carrying the virusbehind the firewall", comments Hypponen.</p><p>For home users, the advice is simple: if you're running Windows 2000 or XPand have not updated your Windows during the last two weeks, do NOT go onlinewithout a firewall.</p><p>If your computer is already infected, you need to patch the LSASS hole first,then remove the worm - otherwise the worm could reinfect you right away.F-Secure's and Microsoft's websites have detailed instructions on how to dothis.</p><p>F-Secure's Viruslab is monitoring the situation in their weblog:http://www.f-secure.com/weblog/Technical description of the virus:http://www.f-secure.com/v-descs/sasser.shtmlF-Secure has released a free tool to remove the Sasser.A and Sasser.B worms.The tool is available fordownload from the above link.</p><p>Microsoft has more information on the incident at:http://www.microsoft.com/security/incident/sasser.aspMailing list policy</p><p>About F-Secure</p><p>F-Secure Corporation protects individuals and businesses against computerviruses and other threats coming through the Internet or mobile networks. Ouraward-winning solutions include antivirus, desktop firewall with intrusionprevention and network encryption. Our key strength is the speed of responseto new threats and for businesses our solutions feature centralizedmanagement. Founded in 1988, F-Secure has been listed on the HelsinkiExchanges since 1999. We have our headquarters in Helsinki, Finland, andoffices in USA, France, Germany, Sweden, the United Kingdom and Japan.F-Secure is supported by a global ecosystem of value added resellers anddistributors in over 50 countries. F-Secure protection is also availablethrough major Internet Service Providers, such as Deutsche Telekom andleading mobile equipment manufacturers, such as Nokia.</p><p>About Open Systems Australia</p><p>Open Systems Australia, a Canberra based company, was founded 13 years ago with the aim of providing high-end security, computing and data networking solutions for Fortune-500 Corporations, Federal and State Government Departments, Australia-wide.This has developed into an extensive distribution business servicing over 2000 resellers Australia wide. Open Systems Australia has the in-house project management and technical / engineering capabilities to undertake virtually any I.T. project, anywhere in the Pacific region.</p><p>For further information please contact:</p><p>Sarah HawkinsMarketing ManagerOpen Systems Australia02 6261 4900sarah.hawkins@opensystems.com.au</p>

Cyber resilience will be particularly important as Australian organisations face increased pressure to quickly detect, respond to, and manage the repercussions of breaches in the wake of 2018’s Notifiable Data Breaches (NDB) scheme.

Copyright 2018 IDG Communications. ABN 14 001 592 650. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of IDG Communications is prohibited.